Tron recently resolved a bug that could have made the entire network unusable, according to a report by hackerone first surfaced by The Next Web's Hard Fork. A single agent could have consumed CPU by carrying out Distributed Denial-of-Service (DDoS) attacks. The agent could have submitted smart contracts with “several megabytes of bytecode,” and with enough of them sent—fill up the memory.
According to the report, “Using a single machine an attacker could send DDOS attack to all or 51 per cent of the SR node and render Tron network unusable or make it unavailable.”
The exploit was first flagged on Jan. 14, and the researcher received a $1,500 bounty in February.